BackupPC

From Wiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Location

http://m13.umassmed.edu/BackupPC

Server

Files

Configuration and keys are stored in /var/lib/BackupPC and in /etc/BackupPC on m13.umassmed.edu

All backup files are stored in /storage/big0/BackupPC on m13.umassmed.edu

Those files are backed up nightly to /storage/big5 on alcor.umassmed.edu 

sudo dnf install postfix 
sudo systemctl enable postfix.service
sudo systemctl start postfix.service

If using selinux: 

 restorecon -pr /var/lib/BackupPC

Excluded Files

The files are excluded because they are either temporary or backed up independently 

$Conf{BackupFilesExclude} = {
 '*' => [
   '/tmp',
   '/proc',
   '/dev',
   '/sys',
   '/lost+found',
   '/media',
   '/var/spool',
   '/var/tmp',
   '/storage', # linked to home, which is backed up, and where it is a separate drive, it is backed up by a different mechanism
   '/mnt',
   '/*/.mozilla/*/*/Cache'
 ]
};

SSH Keys

Client SSHD

sudo vi /etc/ssh/sshd_config

Change PermitRootLogin yes 

sudo service sshd restart

Server public key on Client machine

Server

copy m13.umassmed.edu BackupPC key to client located at /var/lib/BackupPC/.ssh/id_rsa.pub, as backuppc 

su -s /bin/bash backuppc
scp ~/.ssh/BackupPC_id_rsa.pub root@<host>:/root/.ssh/

Client

Append the key, as root to authorized_keys (authorized_keys2 is deprecated, Fedora >= 17) 

cat /root/.ssh/BackupPC_id_rsa.pub >> /root/.ssh/authorized_keys


edit /root/.ssh/authorized_keys2 and add before ssh-rsa...use ip, rather hostname. Is from= broken? seems so. Don't use. 

from="146.189.76.92" 

rm /root/.ssh/BackupPC_id_rsa.pub
chmod -R go-rwx ~/.ssh

Client public key on Server machine

Client

Done as root if backing up entire system

Generate a key 

ssh-keygen -t rsa

copy the key from the client to the server, as root 

scp /root/.ssh/id_rsa.pub root@m13.umassmed.edu:/var/lib/BackupPC/.ssh/client_id_rsa.pub

Server

Append the key, as user backuppc on m13.umassmed.edu 

cat ~/.ssh/client_id_rsa.pub >> ~/.ssh/known_hosts
exit

as root 

chmod -R go-rwx /var/lib/BackupPC/.ssh
rm /var/lib/BackupPC/.ssh/client_id_rsa.pub

Client SSHD

sudo vi /etc/ssh/sshd_config

change PermitRootLogin without-password 

sudo service sshd restart

Also consider restrict AllowUsers

Test

On m13.umassmed.edu as backuppc 

ssh -l root <client Machine> whoami

Use just hostname, without domainname (i.e. big, and not big.umassmed.edu) Should return as "root" without prompting for a password

Users and Machines

Administrator creates a user account in /etc/BackupPC/apache.users : 

htpasswd /etc/BackupPC/apache.users username

username must also have a normal linux account

If they are an admin, then they must be added to 

vi /etc/BackupPC/config.pl

Add their client's machine and username to 

vi /etc/BackupPC/hosts


Linux machines should install nmbd, part of the samba suite. Edit /etc/samba/smb.conf and put in an appropriate "netbios name =" entry and then confirm you can either find the machine with: 

nmblookup <name>

or 

nmblookup -A <ip>

If it is the latter, then the DHCP IP range must be put in the configuration file

Retrieved from "http://big.umassmed.edu/wiki/index.php?title=BackupPC&oldid=663"